
CVSS: 8.3 • EPSS: 0% • CPEs: 2 • EXPL: 0

06 May 2026 — Insufficient validation of untrusted input in Media in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html • CWE-20: Improper Input Validation •

CVSS: 8.3 • EPSS: 0% • CPEs: 4 • EXPL: 0

06 May 2026 — Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html • CWE-122: Heap-based Buffer Overflow •

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

05 May 2026 — Sandboxie-Plus is an open source sandbox-based isolation software for Windows. ... This message is restricted to sandboxed callers, making it a sandbox escape vector. • https://github.com/sandboxie-plus/Sandboxie/security/advisories/GHSA-cf8x-f33g-vwfg • CWE-121: Stack-based Buffer Overflow • CWE-170: Improper Null Termination •

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

05 May 2026 — Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilities that can be chained for sandbox escape. First, when a sandboxed process sends an IPC request with cbSize set to 0, up to 32KB of uninitialized stack memory from the service process is returned, leaking return addresses and stack cookies which bypass ASLR and /GS protections... • https://github.com/sandboxie-plus/Sandboxie/security/advisories/GHSA-7cpc-5hv7-rfmh • CWE-121: Stack-based Buffer Overflow •

CVSS: 9.3 • EPSS: 0% • CPEs: 1 • EXPL: 1

05 May 2026 — Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, an INI injection vulnerability allows any standard local user to bypass configuration restrictions (EditAdminOnly and ConfigPassword) and inject arbitrary directives into the global Sandboxie.ini configuration file. ... An attacker can inject a new sandbox section header with unrestricted permissions, enabling sandbox escape and SYSTEM privilege escalation. • https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.17.3 • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') •

CVSS: 7.7 • EPSS: 0% • CPEs: 1 • EXPL: 0

05 May 2026 — OpenClaw versions 2026.4.7 before 2026.4.10 fail to normalize Discord event cover image parameters in sandbox media processing. Attackers can bypass media normalization to inject host-local media references into channel action paths expecting normalized media. • https://www.vulncheck.com/advisories/openclaw-sandbox-media-normalization-bypass-via-discord-event-cover-image • CWE-184: Incomplete List of Disallowed Inputs •

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

05 May 2026 — OpenClaw versions 2026.4.5 before 2026.4.10 contain a sandbox escape vulnerability allowing sandboxed agents to override exec routing by specifying host=node. Attackers can bypass sandbox boundaries and route execution to remote nodes instead of intended sandbox paths. • https://www.vulncheck.com/advisories/openclaw-sandbox-escape-via-host-parameter-override-in-exec-routing • CWE-863: Incorrect Authorization •

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 2

05 May 2026 — Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated users with System Manager role to execute arbitrary code by exploiting frame introspection. • http://erpnext.org • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.8 • EPSS: 0% • CPEs: 3 • EXPL: 0

04 May 2026 — Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. • https://github.com/n8n-io/n8n/security/advisories/GHSA-44v6-jhgm-p3m4 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

04 May 2026 — vm2 is an open source vm/sandbox for Node.js. In version 3.10.4, vm2 is vulnerable to full sandbox escape with arbitrary code execution. • https://github.com/patriksimek/vm2/releases/tag/v3.10.5 • CWE-693: Protection Mechanism Failure •